<?php
//edit $sessiontime to change length before logout
//AUTHENTICATES USER AND LOGS THEM IN.. CHANGE $sessiontime VARIABLE IN HERE AND IN TIMEOUT.PHP TO ALTER TIME BEFORE SESSION TIMESOUT..
include("./db.php");
dbConnect('kar_web1');

$user = mysql_real_escape_string($_GET['user']);
$pass = mysql_real_escape_string($_GET['password']);
$user = strtolower($user);
$pass = md5($pass);

$query = "SELECT name, password, volunteer_id, active, board, webteam, cat_screener, dog_screener, cat_foster, dog_foster FROM volunteers" . " WHERE volunteers.login = '$user'";
$result = mysql_query($query);
if (!$result) 
{
    echo 'Could not run query: ' . mysql_error();
	exit;
}
$row = mysql_fetch_row($result);
if($pass == $row[1])
{
	if ($row[3] == 'y')
	{
		$name=$row[0];
		$volunteerID=$row[2];
		$boardMbr=$row[4];
		$webteamMbr=$row[5];
		$catscreen=$row[6];
		$dogscreen=$row[7];
		$catfoster=$row[8];
		$dogfoster=$row[9];
		
		// Declare the start of the session
		session_start();
		$_SESSION["name"] = $name;
		$_SESSION["vounteerID"] = $volunteerID;
		$_SESSION["board"] = $boardMbr;
		$_SESSION["webteam"] = $webteamMbr;
		$_SESSION["catscreen"] = $catscreen;
		$_SESSION["dogscreen"] = $dogscreen;
		$_SESSION["catfoster"] = $catfoster;
		$_SESSION["dogfoster"] = $dogfoster;
		
		//Used to make a timestamp for timeout purposes
		$sessiontime=30;
		$c_hour = date("H");
		$c_min = date("i");
		$c_sec = date("s");
		$c_mon = date("m");
		$c_day = date("d");
		$c_year = date("Y");
		$c_timestamp = mktime($c_hour,$c_min+$sessiontime,$c_sec,$c_mon,$c_day,$c_year);
	
		$_SESSION["stamp"] = $c_timestamp;
		session_write_close();
		echo ("Login Successful!");
		header("Location: http://02d2e0a.netsolhost.com/admin/admin.php");
		exit;
	}
	else
	{
		echo ("Inactive User. Please contact an administrator.<br>");
		echo ("<a href=\"login.php\">Go Back</a>");
		exit;
	}
}
else
{
	echo ("Invalid UserName or Password.");
	echo ("<a href=\"login.php\">Go Back</a>");
	exit;
}
?>